"The changes we propose in revision 4 are directly linked to the current state of the threat space - the capabilities, intentions and targeting activities of adversaries - and analysis of attack data over time," says NIST's Ron Ross.
With the threat landscape significantly different since it issued its guidance four years ago, NIST sets out to revise Special Publication 800-61, Computer Security Incident Handling Guide, with help from industry, government agencies and academia.
Banking regulators have begun examining institutions for conformance to the FFIEC Authentication Guidance. What gaps have they found? Terry Austin of Guardian Analytics offers insight and security tips.
Challenged by sophisticated threats and the complexity and cost of security, global leaders wonder: "Is my organization going to be the next breach headline?" IBM's Latha Maripuri discusses global trends.
"People appreciate being contacted when particular transactions look risky," says Peter Tapling, President and CEO of Authentify. "Out-of-band authentication provides the opportunity to do that in real-time, at very low cost to the institutions."
Implementing a mobile device management system is critical for ensuring the security of patient information. But what questions should organizations ask mobile device management vendors to ensure they pick the right system?